Sony has admitted that it’s lost the personal dates of millions of PSN and Qriocity users, over a week after the services were first shut down. Names, email addresses, billing addresses and possibly credit card details have all been compromised.
In an email to all PSN users, Sony said it had suffered, “…an illegal and unauthorized [sic] intrusion into our network,” and that the issue was being investigated by, “…an outside, recognized [sic] security firm.” Details that have been compromised include name, address, country of residence, PSN ID, PSN password, security questions, purchase history, email and birth date.
What’s more, Sony is refusing to rule out credit card details going missing. Its statement says, “If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may also have been obtained.”
With 77 million PSN users, this represents a huge security breach. Sony has said that its servers were attacked between 17 and 19 April, with the company suspending PSN and Qriocity since then. It had been believed that the service was still under attack until Sony’s statement last night.
Sony has been criticised for its sluggish response, but has hit back by saying it wanted to be sure what data had been breached before it gave an official confirmation. “It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach,” said Sony’s Patrick Seybold. “We then shared that information with our consumers and announced it publicly.”
Gamers on Sony’s official blog have reacted furiously to the news. There’s still no word on when PSN will be back, or whether Sony has even more bad news to share. If you think you’ve been affected, you can check out Sony’s official PSN FAQ for more details.